https://stackoverflow.com/questions/18275271
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianI found a tool that will handle this perfectly including ssl negotiation:
http://mitmproxy.org/doc/certinstall/android.html
It was android I'm testing but it's a general problem.
Mangle http without using a proxy (ARP Spoofing?)
Question
I'm trying to test a device that will not use proxy for http. I'd like to return a 404 status code on traffic to a certain host - normally I would utilize a proxy and mangle the responses. In this case I'm not able to use a proxy. HTTP packet sniffing in the absense of a proxy is easy enough with wire shark or httpscoop however I can't actually mangle any of the traffic without getting in the middle.
Is it possible to easily arp spoof and modify the response? I'm guessing I'd have to either write something fairly custom to do this (which does sound like fun) OR I could find another solution like dropping all traffic to the ip using iptable rules or similar.
Edit: This is a common problem on android testing so I'm adding a tag. I answered the question: http://mitmproxy.org/doc/certinstall/android.html This will do it via transparent http proxying. You use a router eg iptables or pf to proxy the traffic.
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
